K8s Ubuntu Server学习环境搭建

READ 1->https://blog.csdn.net/unique_perfect/article/details/116378091#t42
READ 2->https://www.bilibili.com/video/BV1Qv41167ck?p=7
https://juejin.cn/post/6954633587119521806

1.0 安装Ubuntu Server 20.10

使用的是VirtualBox，以及桥接网卡模式，LinuxMint20.1

首先去清华源下载ubuntu server20.10 虚拟机安装，安装的时候配置清华源。

安装之后我这里为了防止重启IP变化配置了静态IP

root@master:~# cat /etc/netplan/00-installer-config.yaml 
# This is the network config written by 'subiquity'
network:
  ethernets:
    enp0s3:
      dhcp4: false
      addresses: [192.168.1.72/24]
      optional: true
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8,119.29.29.29]
  version: 2
root@master:~# 

需要启动sshd服务，以及修改/etc/sshd/sshd_config

PermitRootLogin yes

允许使用密码登录

同时，修改root密码

sudo passwd

安装三台分别是master node1 node2，使用tmux远程登录，同时操作这三台设备

image.png

1.1 配置DNS/HOSTS

vim /etc/hosts 追加

192.168.1.72 master
192.168.1.71 node2
192.168.1.66 node1

1.2 配置时间时区

https://blog.csdn.net/zhengchaooo/article/details/79500032

查看时间是否同步

timedatactl

output

System clock synchronized: yes

1.3 关闭iptables

root@master:~# ufw disable
Firewall stopped and disabled on system startup

1.4 关闭SELINUX

apt install policycoreutils
sestatus

我这里已经默认是关闭的。
如果需要手动关闭，参考

https://linuxconfig.org/how-to-disable-enable-selinux-on-ubuntu-20-04-focal-fossa-linux

1.5 关闭swap

https://graspingtech.com/disable-swap-ubuntu/

设置完之后重启设备

1.6 安装docker

apt install docker.io

配置镜像

https://segmentfault.com/a/1190000023117518

1.7 br_netfilter

lsmod |grep br_netfilter
sysctl -a|grep net.bridge.bridge-nf

READ->https://zhuanlan.zhihu.com/p/138554103
在Ubuntu 20.04 Server上，这个值就是1。如果你的系统上不一致，使用下面的命令来修改：

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system

1.8

#修改/etc/sysctl.d/10-network-security.conf
gemfield@ai05:~$ sudo vi /etc/sysctl.d/10-network-security.conf

#将下面两个参数的值从2修改为1
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1

#然后使之生效
gemfield@ai05:~$ sudo sysctl --system

1.9 安装kubelet等

sudo apt-get update && sudo apt-get install -y ca-certificates curl software-properties-common apt-transport-https curl

curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

sudo tee /etc/apt/sources.list.d/kubernetes.list <<EOF 
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

1.10 准备镜像(master节点)

参考： https://juejin.cn/post/6954633587119521806
detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd".

vim vim /etc/docker/daemon.json

"exec-opts": ["native.cgroupdriver=systemd"]

防止找不到image

docker tag coredns/coredns:1.8.0 registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.8.0

1.11 创建master(master节点)

kubeadm init --pod-network-cidr 172.16.0.0/16     --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers

成功之后

                                                                                                                                                                             
Your Kubernetes control-plane has initialized successfully!                                                                                                                   

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.72:6443 --token s5q4qq.uah55zwhi2q4uv9p \
        --discovery-token-ca-cert-hash sha256:c2d67ffba7b56b22c282921f204cb2eefe8e226856e76aff1482da1480630a75 

执行

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

1.11 子节点加入主节点(node1或node2节点)

到node1或者node2执行

kubeadm join 192.168.1.72:6443 --token s5q4qq.uah55zwhi2q4uv9p \
        --discovery-token-ca-cert-hash sha256:c2d67ffba7b56b22c282921f204cb2eefe8e226856e76aff1482da1480630a75 

此时还是节点未准备状态

root@master:~# kubectl get nodes
NAME     STATUS     ROLES                  AGE   VERSION
master   NotReady   control-plane,master   13m   v1.21.2
node1    NotReady   <none> 

1.13 子节点和主节点网络插件

还需要安装网络插件

wget https://docs.projectcalico.org/manifests/calico.yaml

修改calico.yaml文件，取消注释

            - name: CALICO_IPV4POOL_CIDR
              value: "172.16.0.0/16"

然后

kubectl apply -f calico.yaml

等待一两分钟，执行下面的命令，应该就正常了Ready状态

kubectl get nodes

1.14 创建Nginx容器运行在K8S中

kubectl create deployment nginx --image=nginx:1.14-alpine

查看暴露端口

root@master:~# kubectl get pods,service
NAME                         READY   STATUS    RESTARTS   AGE
pod/nginx-65c4bffcb6-4cjxd   1/1     Running   0          15m

NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP        39m
service/nginx        NodePort    10.99.164.24   <none>        80:31279/TCP   14m

找到节点master ip 我这里是
http://192.168.1.72:31279/

访问，是Nginx，那么测试学习环境搭建完毕